Collision Power Analysis On Lightweight Block Cipher Algorithm

Since Paul Kocher proposed timing attack in Crypto’96, the side channel attacks and defensive measures have become an important branch of cryptography research, and attract the attention of academia and industry. There are many ways of side channel attack. Power analysis attack, presented by Kocher in1999, is one of the most important and practical method. It is one of the popular direction in the current side channel attack. Soon afterwards, Schramm proposed collision attack in FSE’03, which became the research hotpots in this direction. In CHES’10, Yang presented the concept of fault sensitivity analysis, which uses the fact that the critical path of the AES S-box exhibits sensitive-data dependency.Traditional cryptanalysis methods use the mathematical properties of cryptographic algorithms to analyze, unlike the traditional method, power analysis attacks use the power consumption of the cryptographic equipments to obtain the secret information. Because power analysis attack is non-invasive, it posed a serious threat to the security of smart cards.With the development of technology and the popularity of the network, cryptographic equipments live more and more widely in people’s daily lives. The common cryptographic equipments include USB key, confidential u disk, SIM card, RFID card and so on. The Internet of Things has become a hot area of research in IT industry with the development of integrated circuit and wireless technology. With the popularity of micro-computing devices, in particular, RFID tags and wireless sensor networks go into all aspects of people’s lives, how to provide security for these resources-limited equipments become the problem to be solved. Lightweight block cipher algorithms are developed in this context with the feature of relatively short key length and simple algorithm structure, providing security for tiny devices.Due to the recently wide use, there are not many research in the collision attack on lightweight block cipher algorithms. However, it will bring threat to side channel information leakage because of inappropriate realization. Meanwhile, the structure of lightweight block cipher algorithms is relatively simple and the key length is short, it’s more likely to be attacked efficiently. Therefore, in this paper we will give the collision attack on the AES and PRESENT. The main work is as follows:1. Due to noises and other factors, the template attacks and the collision attacks don’t always get the correct keys. According to the character of PRESENT algorithm, combined with the characteristics of the template attacks and collision attacks, we propose a method named template-collision attacks and reduce the candidate key search space from24h to2258h.2. According to the FSA collision ideas[29], we apply it in the hardware implementation of the PRESENT algorithm with mask. Under some fault clock cycle, we determine whether the two S-boxes generate errors together or not, then we can judge whether the collision occurs. We verify the feasibility of this method through simulation.